Scammers
are
capitalizing
on
the
runaway
popularity
of
and
interest
in
ChatGPT,
the
natural
language
processing
AI
—
impersonating
it
in
order
to
infect
victims
with
a
Trojan
malware
called
Fobo,
in
order
to steal
login
credentials
for
business
accounts.
ChatGPT
is
the
world’s
most
advanced
chatbot,
published
by
developers
OpenAI
back
in
November.
It’s
been
a
resounding
success:
It’s
regularly
overloaded
with
users
demanding
that
it
write
marketing
copy,
or
poems,
or
answer
questions
about
philosophy.
(In
fact,
OpenAI
has
developed
a
$20-per-month
subscription
plan
for
users
who
want
to
bypass
these
slowdowns.)
And
a
meme
has
been
making
the
Internet
rounds
recently,
about
how
long
it
took
the
world’s
biggest
apps
to
reach
1
million
users.
Netflix,
for
example,
took
3.5
years.
Facebook,
10
months.
Spotify,
five
months.
ChatGPT?
Five
days.
In
the
same
way
they
do
any
big
news
item
—
COVID-19,
the
Ukraine
war,
take
your
pick
—
hackers
have
twisted
the
popularity
of
ChatGPT
into
phishing
bait.
And
now,
according
to
a
blog
post
from
Kaspersky,
a
fresh
campaign
is
utilizing
social
media
impersonation
to
lead
unsuspecting
victims
to
a
fake
ChatGPT
landing
page,
where
“signing
up”
means
downloading
an
info-stealing
Trojan
called
Fobo.
The
Trojan
seeks
out
business
account
credentials,
which
could
be
used
for
follow-on
attacks
of
a
greater
scale.
According
to
the
report,
this
blatant
scam
has
already
spread
to
Africa,
the
Americas,
Asia,
and
Europe.
Faking
ChatGPT
to
Hack
Business
Accounts
The
researchers
at
Kaspersky
have
observed
grifters
running
social
media
accounts
that
either
impersonate
the
OpenAI/ChatGPT
brand
directly
or
pretend
to
be
communities
for
fans
of
the
program.
Sometimes,
the
accounts
post
neutral
content
relating
to
ChatGPT,
with
a
malicious
link
at
the
bottom.
Other
times,
according
to
the
blog
post,
they
post
“fake
credentials
for
the
pre-created
accounts
that
are
said
to
provide
access
to
ChatGPT.
To
motivate
potential
users
even
further,
the
attackers
say
that
each
account
already
has
US
$50
on
its
balance,
which
can
be
spent
on
using
the
chatbot.”
The
real
program
has
an
entirely
optional
subscription
plan
but
is
otherwise
free
to
use
for
the
general
public.
Unwitting
social
media
users
who
follow
the
malicious
links
in
these
posts
land
on
a
ChatGPT
homepage,
which
is
like
for
like
with
the
real
thing
in
almost
every
way.
convincing
fake
ChatGPT.
Source:
Kaspersky
Clicking
the
“download”
button
—
suspicious
in
itself,
as
ChatGPT
has
no
desktop
client
—
triggers
the
installation
of
an
executable
file.
“If
this
archive
is
unpacked
and
the
executable
file
run,”
according
to
Kaspersky
researchers,
“then,
depending
on
the
version
of
Windows,
the
user
sees
either
a
message
saying
installation
failed
for
some
reason,
or
no
message
at
all
—
at
which
point
the
process
seems
to
end.”
Behind
the
scenes,
however,
a
Trojan
horse
has
been
unleashed.
The
Trojan
looks
for
login
credentials
for
apps
like
Google,
Facebook,
and
TikTok,
stored
in
the
victim’s
browser.
But
in
particular,
Kaspersky
explained,
it’s
looking
for
usernames
and
passwords
for
business
accounts.
With
employee
usernames
and
passwords,
the
attackers
could
possibly
perform
more
significant
follow-on
attacks
against
enterprises.
“On
finding
a
business
account
in
one
of
these
services,”
the
researchers
explained,
“it
tries
to
get
additional
information,
such
as
how
much
money
was
spent
on
advertising
from
the
account
and
what
its
current
balance
is.”
How
to
Avoid
ChatGPT
Scams
That
the
perpetrators
of
this
campaign
chose
ChatGPT
as
their
vehicle
is
no
coincidence.
Among
its
many
more
frivolous
uses,
the
chatbot
has
proven
popular
in
business
settings.
Employees
are
using
it
to
write
emails,
copy,
and
marketing
materials
faster,
support
interviews
and
research
projects,
and
much
more.
To
avoid
engaging
with
a
malicious
fake,
though,
Kaspersky
recommended
avoiding
“offers”
like
those
from
this
story,
utilizing
security
software,
and
not
clicking
on
links
—
better
to
go
through
a
search
engine
or
type
the
URL
straight
into
your
browser.
As
of
this
writing,
Kaspersky
has
not
responded
to
a
direct
request
for
comment
by
Dark
Reading.
So,
in
substitute,
we
asked
the
ChatGPT
bot
to
provide
insight
on
the
matter.
It
had
this
to
say:
“In
conclusion,
the
rise
of
hackers
impersonating
ChatGPT
to
steal
login
credentials
is
a
serious
threat
that
should
not
be
underestimated.
The
implications
of
such
attacks
are
far-reaching
and
potentially
devastating
for
individuals,
organizations,
and
even
entire
industries.
As
technology
continues
to
evolve,
we
can
expect
these
types
of
attacks
to
become
more
sophisticated
and
difficult
to
detect.
It
is,
therefore,
imperative
that
individuals
and
organizations
take
proactive
measures
to
protect
themselves,
such
as
regularly
changing
passwords,
enabling
two-factor
authentication,
and
staying
vigilant
for
signs
of
phishing
attacks.
Only
by
working
together
and
taking
these
steps
can
we
hope
to
mitigate
the
risks
posed
by
hackers
impersonating
ChatGPT
and
other
forms
of
cybercrime
in
the
future.”
About Author
